Lucene search
WpvulndbWPVDB-ID:CF8689EA-99E9-4382-9D83-84FDEDF07DF9HistoryJul 09, 2020 - 12:00 a.m.
Knight Lab Timeline < 3.7.0.0 - Outdated TimelineJS library could Lead to Stored XSS
2020-07-0900:00:00
wpscan.com
7
0.001 Low
EPSS
Percentile
22.7%
The plugin used the TimelineJS library < 3.7.0 which is affected by a stored Cross-Site Scripting issues if an attacker has write privileges on the source data used for the timeline which is stored on Google Sheets or in a JSON configuration file.
| CPE | Name | Operator | Version |
|---|---|---|---|
| knight-lab-timelinejs | lt | 3.7.0.0 |
Related
githubexploit
githubexploit
Exploit for Cross-site Scripting in Northwestern Timelinejs
2020-12-01 09:45:48
veracode
veracode
Cross-Site Scripting (XSS)
2020-07-13 02:47:14
nvd
nvd
CVE-2020-15092
2020-07-09 19:15:11
prion
prion
Design/Logic Flaw
2020-07-09 19:15:00
cvelist
cvelist
CVE-2020-15092 Stored XSS in TimelineJS3
2020-07-09 18:25:12
patchstack
patchstack
osv
osv
Stored XSS in TimelineJS3
2020-07-09 18:28:07
CVE-2020-15092
2020-07-09 19:15:11
cve
cve
CVE-2020-15092
2020-07-09 19:15:11
github
github
Stored XSS in TimelineJS3
2020-07-09 18:28:07